A Tree Locality-Sensitive Hash for Secure Software Testing

Abstract

In order to eliminate bugs, developers may use symbolic execution to search through possible program states looking for anomalous states. Most of the computational effort to search through these states is spent solving path constraints in order to determine the feasibility of entering each state. State merging can make this search more efficient by combining program states, allowing multiple execution paths to be analyzed at the same time. However, a merge with dissimilar path constraints dramatically increases the time necessary to solve the path constraint. Currently, there are no distance measures for path constraints, and pairwise comparison of program states is not scalable. A hashing method is presented that clusters constraints in such a way that similar constraints are placed in the same cluster without requiring pair-wise comparisons between queries. When combined with other state-of-the-art state merging techniques, the hashing method allows the symbolic executor to execute more instructions per second and find more terminal execution states than the other techniques alone, without decreasing the high path coverage achieved by merging many states together.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 14, 2017
Accession Number
AD1042916

Entities

People

  • Camdon R. Cady

Organizations

  • Air Force Institute of Technology

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies

DTIC Thesaurus Topics

  • Air Force
  • Computations
  • Computer Programs
  • Computers
  • Debugging
  • Department Of Defense
  • Detection
  • Governments
  • Instructions
  • Language
  • Network Protocols
  • Probability
  • Software Development
  • Software Testing
  • United States
  • United States Government
  • Virtual Machines

Fields of Study

  • Computer science

Readers

  • Applied Combinatorial Optimization and Logic Circuit Design.
  • Software Engineering.